package cn.toma.config.authentication;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.LinkedHashMap;

/**
 * Shiro 配置类
 *
 * @author zqx
 */
@Configuration
public class ShiroConfig
{

	@Bean
	public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager)
	{
		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		// 设置 securityManager
		shiroFilterFactoryBean.setSecurityManager(securityManager);

		// 在 Shiro过滤器链上加入 JWTFilter
		LinkedHashMap<String, Filter> filters = new LinkedHashMap<>();
		filters.put("jwt", new JWTFilter());
		shiroFilterFactoryBean.setFilters(filters);

		LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
		// 所有请求都要经过 jwt过滤器
		filterChainDefinitionMap.put("/**", "jwt");

		shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
		return shiroFilterFactoryBean;
	}

	@Bean
	public SecurityManager securityManager()
	{
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		// 配置 SecurityManager，并注入 shiroRealm
		securityManager.setRealm(shiroRealm());
		return securityManager;
	}

	@Bean
	public ShiroRealm shiroRealm()
	{
		// 配置 Realm
		return new ShiroRealm();
	}

	@Bean
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager)
	{
		AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
		authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
		return authorizationAttributeSourceAdvisor;
	}
}
